ChangeLog for: 2022-10-25 19:38:58

ap/alsa-utils-1.2.8-x86_64-1.txz:  Upgraded.
l/alsa-lib-1.2.8-x86_64-1.txz:  Upgraded.
l/expat-2.5.0-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix heap use-after-free after overeager destruction of a shared DTD in
  function XML_ExternalEntityParserCreate in out-of-memory situations.
  Expected impact is denial of service or potentially arbitrary code
  execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
  (* Security fix *)
n/samba-4.17.2-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
  and unwrap_des3() routines of Heimdal (included in Samba).
  A malicious client can use a symlink to escape the exported directory.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-3437.html
    https://www.samba.org/samba/security/CVE-2022-3592.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592
  (* Security fix *)